建立MySql连接
a) 服务端往客户端发送握手初始化包(Handshake Initialization Packet)
b) 客户端往服务端发送验证包(Client Authentication Packet)
c) 服务端往客户端发送成功包
校验方法
在 a) 服务端往客户端发送握手初始化包(Handshake Initialization Packet),会携带客户端应该使用的authentication method.
每个用户使用什么样的校验方法是确定的,在mysql.user表中:Method used for authentication is tied to the user account and stored in the plugin column of mysql.user table.
mysql> select * from mysql.user where user = 'vddl' limit 10 \G;
*************************** 1. row ***************************
Host: localhost
User: vddl
Password: *57B4F32D94FF1EC6EC480F8F437B795BEE4A994F
Select_priv: Y
Insert_priv: Y
Update_priv: Y
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Reload_priv: N
Shutdown_priv: N
Process_priv: N
File_priv: N
Grant_priv: N
References_priv: Y
Index_priv: Y
Alter_priv: Y
Show_db_priv: N
Super_priv: N
Create_tmp_table_priv: N
Lock_tables_priv: N
Execute_priv: N
Repl_slave_priv: N
Repl_client_priv: N
Create_view_priv: N
Show_view_priv: N
Create_routine_priv: N
Alter_routine_priv: N
Create_user_priv: N
Event_priv: N
Trigger_priv: Y
Create_tablespace_priv: N
ssl_type:
ssl_cipher:
x509_issuer:
x509_subject:
max_questions: 0
max_updates: 0
max_connections: 0
max_user_connections: 0
plugin: mysql_native_password
authentication_string:
password_expired: N
其中,plugin: mysql_native_password字段指定了应该使用什么校验方法。
抓包工具也可以看到
0000 02 00 00 00 45 00 00 86 59 22 40 00 40 06 00 00 ....E...Y"@.@... 0010 7f 00 00 01 7f 00 00 01 0c ea f0 fe b7 3c 39 4c .............<9L 0020 2e ac 31 1f 80 18 31 d7 fe 7a 00 00 01 01 08 0a ..1...1..z...... 0030 13 0f 4c 2f 13 0f 4c 2f 4e 00 00 00 0a 35 2e 36 ..L/..L/N....5.6 0040 2e 32 34 2d 6c 6f 67 00 03 00 00 00 2c 48 64 43 .24-log.....,HdC 0050 5e 33 22 4d 00 ff f7 08 02 00 7f 80 15 00 00 00 ^3"M............
0060 00 00 00 00 00 00 00 41 3a 42 7b 65 68 5d 75 57 .......A:B{eh]uW 0070 32 34 4f 00 6d 79 73 71 6c 5f 6e 61 74 69 76 65 24O.mysql_native 0080 5f 70 61 73 73 77 6f 72 64 00 _password.
最后,也会有mysql_native_password.
客户端上传用户名、密码、当前数据库